Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Corelight CEO Brian Dye shares the story of the company’s first multi-million-dollar customer—a team that had spent seven years trying to operationalize Zeek using another commercial vendor. With Corelight, they were up and running across 20 sites in just four months. This story highlights the foundational value Corelight provides: a hardened, scalable Zeek deployment that unlocks visibility, incident response, and threat hunting at scale.

Corelight CEO Brian Dye shares how a customer in the energy sector turned a mandatory compliance project into a broader security win. Brought in to meet FERC 87 monitoring requirements for bulk electric systems, Corelight also helped advance their security operations. The customer used the compliance mandate not just to check a box—but to gain meaningful visibility and security value from day one.

Corelight CEO Brian Dye recounts how Corelight supported SectorCERT—an alliance of energy companies in Denmark—during one of the most advanced attack sequences he’s seen. The coordinated campaign targeted a shared firewall vulnerability across nearly a dozen organizations. Corelight provided the critical visibility and detection that helped defenders stop the first wave—and stay ahead of a second, modified attack just weeks later. The incident became a model of collaboration and response across national infrastructure.

Corelight CEO Brian Dye shares the high-stakes story of a customer under a $10 million ransomware attack. The attackers claimed to have stolen sensitive IP—but with Corelight, the customer had the network visibility to verify exactly what was taken. The result? They confirmed the stolen data was limited and non-critical, enabling them to confidently deny the ransom demand. This powerful story illustrates the difference between “I think” and “I know”—and how that clarity can drive executive confidence, legal defensibility, and real-world savings.